Has anyone else seen this during the install.Adding signature: SigOfGeneral 5298 to /usr/nr/etc/ppacketd.confevery signature added is going to /usr/nr/etc/packetd.confas opposed to this one which is going to /usr/nr/etc/ppacketd.confIs this a typing ...
Is anyone else having issues with a 4210 sensor 3.1(2)S23 using shun command on pix 515 version 6.2.(1)? Worked fine until pix OS was upgraded.Anything diffrent that needs to be done?Thanks,Aaron
If your PATing it will not work. You must have a one to one nated address in order to be able to vpn from the inside going out through pix. If you customer has a vpn concentrator he could set it up to allow ipsec through tcp and that would work fine.
I don't see why you would use access-list and conduits simultaneously, but either way since the dmz has lower security than the inside you would apply an access-list on the dmz interface specifying the services needed to enter the inside, just like y...
Set the telnet command to permit your VPN address range. When the tunnel is created, don't telnet to private or inside address of pix. Telnet to the public or outside interface.This should work.
PIX doesn't reroute traffic. You have to set default gateway on all pc's to router and in insert a default route into the router pointing to pix.hope this helps